
My Dell Inspiron (laptop) is only a few months old; 64-bit and running Windows 7.

 

Several months ago I discovered this very unusual infection that caused my cursor to have a "mind of its own." It would jerk around spontaneously when scrolling with the sidebar, sometimes the cursor would jump up to the "x" and I would accidentally click out, and when I would be typing I might have an entire paragraph be highlighted real quick and I'd hit a key and erase everything. It detected and removed several items; the problem was fixed for several months.

 

Now it seems to be back again....I have the jerky cursor and sidebar issue, accidentally closing stuff, it's also refreshing pages spontaneously, and it zooms in and out on pages. It's really annoying, I even caught my cursor moving slightly when I wasn't even touching anything. However, this time Malwarebytes nor MSE detect anything after a quick scan, and I update the database every time before scanning. I also purchased the pro version of MBAM to see if that would help, I ran a full scan, MBAM did find a few objects I removed them, but it didn't solve the problem, the annoying behavior is there and no scan (quick or full) will detect anything.

 

dds.txt attach.txt


Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt



Please post the contents of that log in your next reply.


Thanks for your reply! When I went to submit my reply there was an error saying my post was too long. The TDSSKiller did not find any infected objects though.

 

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software

Run date: 2014-01-13 14:26:02

-----------------------------

14:26:02.740    OS Version: Windows x64 6.1.7601 Service Pack 1

14:26:02.740    Number of processors: 8 586 0x3A09

14:26:02.742    ComputerName: JEREMY-PC  UserName: Jeremy

14:26:05.450    Initialize success

14:27:20.271    AVAST engine defs: 14011300

14:27:31.531    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006f

14:27:31.535    Disk 0 Vendor: ATA_____ 1A01 Size: 953869MB BusType: 11

14:27:31.650    Disk 0 MBR read successfully

14:27:31.654    Disk 0 MBR scan

14:27:31.680    Disk 0 Windows VISTA default MBR code

14:27:31.685    Disk 0 Partition 1 00     DE Dell Utility DELL 4.1       39 MB offset 63

14:27:31.719    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        21686 MB offset 81920

14:27:31.749    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       932142 MB offset 44494848

14:27:31.900    Disk 0 scanning C:\Windows\system32\drivers

14:27:45.434    Service scanning

14:28:29.330    Modules scanning

14:28:29.344    Disk 0 trace - called modules:

14:28:29.411    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys ACPI.sys storport.sys hal.dll iaStorA.sys 

14:28:29.419    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80099ef790]

14:28:29.430    3 CLASSPNP.SYS[fffff88000c0143f] -> nt!IofCallDriver -> [0xfffffa8007d05c50]

14:28:29.435    5 iaStorF.sys[fffff880019f3168] -> nt!IofCallDriver -> [0xfffffa8007961570]

14:28:29.439    7 ACPI.sys[fffff88000ef87a1] -> nt!IofCallDriver -> \Device\0000006f[0xfffffa8007bc3060]

14:28:31.477    AVAST engine scan C:\Windows

14:28:35.951    AVAST engine scan C:\Windows\system32

14:32:51.016    AVAST engine scan C:\Windows\system32\drivers

14:33:28.194    AVAST engine scan C:\Users\Jeremy

14:42:46.443    AVAST engine scan C:\ProgramData

14:44:56.291    Scan finished successfully

14:59:12.722    Disk 0 MBR has been saved successfully to "C:\Users\Jeremy\Desktop\MBR.dat"

14:59:12.727    The log file has been saved successfully to "C:\Users\Jeremy\Desktop\aswMBR.txt"

 

Edit: I just attached the TDSSKiller log

TDSSKiller.3.0.0.19_13.01.2014_15.02.22_log.txt


I ran a full scan, MBAM did find a few objects I removed them, but it didn't solve the problem, the annoying behavior is there and no scan (quick or full) will detect anything.
 
You told us that you removed several items with Malwarebytes' Anti-Malware. This tool creates a log on every run and we need to see them.

  • The logs can be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Zip any and all of these logs and attach the file to your next reply.


I cannot locate any folder with log files saved using the pathway you gave, but when I search in the Windows start menu I locate the "Malwarebytes' Anti-Malware" folder. I took a snapshot of my screen so you can see all the items in this folder and sub-folders...but there is no sub-folder with logs in it.

 

I attached a log on my desktop from November (also note that it is the only log that appears when I search for "mbam log...") but it is not the most recent log in which there was an "infected object" detected. Since I have had my laptop, there have only been 2 instances in which Malwarebytes detected something that I removed. I can only find the log for the first instance. This is when I was using the free trial version. After removing these objects my computer stopped behaving abnormally for a month or so. A week or so ago, it started back up again and I could not detect anything with a "quick scan." When I tried "full scan" it found 4 objects, I removed them, but my computer continued behaving abnormally. I do not have this logfile.

 

 


 

 MBAM-log-2013-11-29 (22-03-41).txt


Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also

 
 
Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


 


# AdwCleaner v3.017 - Report created 16/01/2014 at 18:14:42

# Updated 12/01/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Jeremy - JEREMY-PC

# Running from : C:\Users\Jeremy\Downloads\adwcleaner.exe

# Option : Scan

 

***** [ Services ] *****

 

Service Found : vToolbarUpdater17.3.0

 

***** [ Files / Folders ] *****

 

File Found : C:\END

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

File Found : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage

File Found : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal

File Found : C:\Users\Jeremy\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage

File Found : C:\Users\Jeremy\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal

File Found : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage

File Found : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal

File Found : C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\02yon0iv.default\searchplugins\Conduit.xml

File Found : C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\02yon0iv.default\searchplugins\safeguard-secure-search.xml

File Found : C:\Users\Public\Desktop\eBay.lnk

Folder Found : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieiiggnfmhgcolbimglmfjfpkjildjdd

Folder Found : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Folder Found : C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\02yon0iv.default\Extensions\{bf9194c2-b86d-4ebc-9b53-1c08b6ff779e}

Folder Found C:\Program Files (x86)\AVG SafeGuard toolbar

Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Found C:\Program Files (x86)\Conduit

Folder Found C:\Program Files (x86)\Searchprotect

Folder Found C:\Program Files\Level Quality Watcher

Folder Found C:\ProgramData\AVG SafeGuard toolbar

Folder Found C:\ProgramData\Conduit

Folder Found C:\ProgramData\VisualBee

Folder Found C:\Users\Jeremy\AppData\Local\AVG SafeGuard toolbar

Folder Found C:\Users\Jeremy\AppData\Local\Conduit

Folder Found C:\Users\Jeremy\AppData\Local\NativeMessaging

Folder Found C:\Users\Jeremy\AppData\Local\Temp\NativeMessaging

Folder Found C:\Users\Jeremy\AppData\LocalLow\AVG SafeGuard toolbar

Folder Found C:\Users\Jeremy\AppData\LocalLow\Conduit

Folder Found C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\02yon0iv.default\CT3287802

Folder Found C:\Users\Jeremy\AppData\Roaming\Searchprotect

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 


 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.16428

 

 

-\\ Mozilla Firefox v26.0 (en-US)

 

[ File : C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\02yon0iv.default\prefs.js ]

 

Line Found : user_pref("CT3287802.FF19Solved", "true");

Line Found : user_pref("CT3287802.UserID", "UN31794089652907720");

Line Found : user_pref("CT3287802.browser.search.defaultthis.engineName", "true");

Line Found : user_pref("CT3287802.fullUserID", "UN31794089652907720.IN.20131129214940");

Line Found : user_pref("CT3287802.installDate", "29/11/2013 21:49:48");

Line Found : user_pref("CT3287802.installSessionId", "{206458D2-E6FF-43BE-B790-6375371437BD}");

Line Found : user_pref("CT3287802.installSp", "TRUE");

Line Found : user_pref("CT3287802.installerVersion", "1.8.1.4");

Line Found : user_pref("CT3287802.keyword", "true");


Line Found : user_pref("CT3287802.originalSearchAddressUrl", "");

Line Found : user_pref("CT3287802.originalSearchEngine", "AVG Secure Search");

Line Found : user_pref("CT3287802.originalSearchEngineName", "AVG Secure Search");

Line Found : user_pref("CT3287802.searchRevert", "false");

Line Found : user_pref("CT3287802.searchUninstallUserMode", "2");

Line Found : user_pref("CT3287802.searchUserMode", "2");

Line Found : user_pref("CT3287802.smartbar.homepage", "true");

Line Found : user_pref("CT3287802.toolbarInstallDate", "29-11-2013 21:49:40");

Line Found : user_pref("CT3287802.versionFromInstaller", "10.22.5.10");

Line Found : user_pref("CT3287802.xpeMode", "0");


Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");

Line Found : user_pref("browser.search.defaultenginename", "VisualBee V.3 Customized Web Search");

Line Found : user_pref("browser.search.defaultthis.engineName", "VisualBee V.3 Customized Web Search");


Line Found : user_pref("browser.search.selectedEngine", "VisualBee V.3 Customized Web Search");



Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3287802");



Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3287802");

Line Found : user_pref("smartbar.homePageOwnerCTID", "CT3287802");

Line Found : user_pref("smartbar.machineId", "XV88LDKBO8GIOSFFY3Z1DQYXSP15QURSUUJW6TL+ZCAJC0CMRFIDVARWOZBCV3OTHUJJMPXDRGFZ4BILFPVHIG");


 

-\\ Google Chrome v32.0.1700.76

 

[ File : C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Found : icon_url

Found : search_url

Found : suggest_url

Found : keyword

Found : search_url

Found : icon_url

Found : search_url

Found : suggest_url

Found : keyword

 

*************************

 

AdwCleaner[R0].txt - [12994 octets] - [16/01/2014 18:14:42]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13055 octets] ##########

 


 

 

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.0 (01.07.2014:1)

OS: Windows 7 Home Premium x64

Ran by Jeremy on Thu 01/16/2014 at 20:40:40.61

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D10D9E44-7750-43AC-B4C4-F6ECC28463D8}

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\Users\Jeremy\appdata\local\cre"

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Thu 01/16/2014 at 20:45:40.81

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
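A triage helper for reports in the AdwCleaner v3 layout posted above, as an added example that is not part of the original thread and not code from AdwCleaner: it parses the section headers and `Found` lines, then pulls out the few findings that can start code automatically (services, Run values, Browser Helper Objects). The sample report is a constructed excerpt in that layout; the function names and the autostart marker list are assumptions.

```python
import re
from collections import Counter

# Constructed excerpt in the AdwCleaner v3 report layout (sample input for this example).
SAMPLE_REPORT = r"""
# AdwCleaner v3.017 - Report created 16/01/2014 at 18:14:42
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater17.3.0

***** [ Files / Folders ] *****

File Found : C:\Users\Public\Desktop\eBay.lnk
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\ProgramData\VisualBee

***** [ Registry ] *****

Key Found : HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Browsers ] *****

-\\ Mozilla Firefox v26.0 (en-US)

Line Found : user_pref("browser.search.selectedEngine", "VisualBee V.3 Customized Web Search");
"""

SECTION_RE = re.compile(r"^\*{5} \[ (?P<name>.+?) \] \*{5}$")
# Entries read "Key Found : x"; some folder lines omit the colon, and
# browser-preference hits have no kind at all ("Found : search_url").
ENTRY_RE = re.compile(
    r"^(?:(?P<kind>Service|File|Folder|Key|Value|Line) )?Found\s*:?\s*(?P<item>.+)$"
)
# Assumed marker list: registry locations that load code at logon or browser start.
AUTOSTART_MARKERS = ("\\currentversion\\run", "\\browser helper objects\\")


def parse_report(text):
    """Return one dict per finding: section, kind, item, x64 flag."""
    findings, section = [], None
    for raw in text.splitlines():
        line = raw.strip()  # also drops non-breaking spaces left by forum pasting
        header = SECTION_RE.match(line)
        if header:
            section = header.group("name")
            continue
        entry = ENTRY_RE.match(line)
        if not (entry and section):
            continue  # banner, browser title, blank or trailer line
        item = entry.group("item")
        x64 = item.startswith("[x64] ")
        findings.append({
            "section": section,
            "kind": entry.group("kind") or "Entry",
            "item": item[len("[x64] "):] if x64 else item,
            "x64": x64,
        })
    return findings


def persistence_points(findings):
    """Findings that can start code automatically: services, Run values, BHOs."""
    return [
        f["item"] for f in findings
        if f["kind"] == "Service"
        or any(marker in f["item"].lower() for marker in AUTOSTART_MARKERS)
    ]


if __name__ == "__main__":
    found = parse_report(SAMPLE_REPORT)
    print(Counter(f["section"] for f in found))
    for item in persistence_points(found):
        print("autostart:", item)
```
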

I just ran another quick scan in MBAM and it found two objects, here is that log,

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16476

Jeremy :: JEREMY-PC [administrator]

 

Protection: Disabled

 

1/18/2014 1:18:01 AM

MBAM-log-2014-01-18 (01-24-12).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 233869

Time elapsed: 5 minute(s), 45 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 2

C:\Users\Jeremy\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe (PUP.Optional.JumpyApps) -> No action taken.

C:\Users\Jeremy\Downloads\ZipOpenerSetup.exe (PUP.Optional.JumpyApps) -> No action taken.

 

(end)


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
