Malware removal assistance - Antivirus Security Pro


I ran FRST; scan result below. I am grateful for the assistance in advance!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-11-2013 (ATTENTION: ====> FRST version is 52 days old and could be outdated)
Ran by SYSTEM on MININT-9U7SHKE on 15-01-2014 08:56:25
Running from G:\
Windows 7 Home Premium (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe [496184 2010-03-09] (Conexant Systems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe [35184 2008-12-02] (Adobe Systems Incorporated)
HKLM\...\Run: [VeriFaceManager] - C:\Program Files\Lenovo\VeriFace\PManage.exe
HKLM\...\Run: [uCam_Menu] - C:\Program Files\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [YouCam Mirror Tray icon] - C:\Program Files\Lenovo\YouCam\YouCamTray.exe [167008 2009-12-22] (CyberLink Corp.)
HKLM\...\Run: [updateP2GShortCut] - C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [EnergyUtility] - C:\Program Files\Lenovo\Energy Management\utility.exe [4114368 2009-12-16] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] - C:\Program Files\Lenovo\Energy Management\Energy Management.exe [6223808 2009-12-16] (Lenovo (Beijing) Limited)
HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1180976 2010-08-04] (McAfee, Inc.)
HKLM\...\Run: [Microsoft Default Manager] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM\...\Run: [bCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] - C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-02] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [1848648 2009-07-06] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.EXE [722256 2008-12-11] (CANON INC.)
HKLM\...\Run: [AS2014] - C:\ProgramData\7DaaUpn3\7DaaUpn3.exe [537200 2013-10-13] ()
HKLM\...\Run: [dbclt] - "C:\Windows\System32\rundll32.exe" "C:\Users\Brooke\AppData\Roaming\dbclt.dll",get_sBIT <===== ATTENTION
HKLM\...\Run: [auioc] - "C:\Windows\System32\rundll32.exe" "C:\Users\Brooke\AppData\Roaming\auioc.dll",write_row <===== ATTENTION
HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,,C:\ProgramData\7DaaUpn3\7DaaUpn3.exe -sm,
HKU\Brooke\...\Run: [HLBackupScheduler] - C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe [ 2010-12-08] ()
HKU\Brooke\...\Run: [WorkForce 520(Network)] - C:\Windows\Temp\E_SE20D.tmp [ 2012-02-05] ()
HKU\Brooke\...\Run: [spotify Web Helper] - C:\Users\Brooke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [ 2013-07-08] (Spotify Ltd)
HKU\Brooke\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2010-10-11] (Google Inc.)
HKU\Brooke\...\Run: [spotify] - C:\Users\Brooke\AppData\Roaming\Spotify\spotify.exe [ 2013-07-08] (Spotify Ltd)
HKU\Brooke\...\Run: [auioc] - rundll32.exe "C:\Users\Brooke\AppData\Roaming\auioc.dll",write_row <===== ATTENTION
HKU\Brooke\...\Run: [dbclt] - rundll32.exe "C:\Users\Brooke\AppData\Roaming\dbclt.dll",get_sBIT <===== ATTENTION
HKU\Brooke\...\Run: [qhafvnwv] - C:\Users\Brooke\AppData\Local\hsjmvmag.exe [ 2013-10-13] ()
HKU\Brooke\...\Run: [AS2014] - C:\ProgramData\7DaaUpn3\7DaaUpn3.exe [ 2013-10-13] ()
HKU\Default\...\RunOnce: [WLStart] - C:\Program Files\Windows Live\Installer\wlstart.exe [ 2009-07-26] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [WLStart] - C:\Program Files\Windows Live\Installer\wlstart.exe [ 2009-07-26] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\   [ ] ()
Startup: C:\Users\Brooke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\Brooke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epson all-in-one Registration.lnk
ShortcutTarget: Epson all-in-one Registration.lnk ->  (No File)
HKLM\...\AppCertDlls: [cmdkrted] -> C:\Windows\System32\ocserter.dll [65024 2013-10-13] ()
 
========================== Services (Whitelisted) =================
 
S2 AdobeActiveFileMonitor8.0; C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [169312 2009-10-09] (Adobe Systems Incorporated)
S2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
S3 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [107912 2008-10-09] ()
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [575304 2009-11-17] (Lenovo Group Limited)
S2 McMPFSvc; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [271480 2009-12-14] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [271480 2009-12-14] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [271480 2009-12-14] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [271480 2009-12-14] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [364216 2010-03-10] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [271480 2009-12-14] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [171168 2010-09-04] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [188136 2010-09-04] (McAfee, Inc.)
S2 mfevtp; C:\windows\system32\mfevtps.exe [141792 2010-09-04] (McAfee, Inc.)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
S2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
 
==================== Drivers (Whitelisted) ====================
 
S3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [21256 2009-09-03] (Lenovo Corporation)
S3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [5340160 2010-03-02] (ATI Technologies Inc.)
S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [55840 2010-09-04] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [95600 2010-09-04] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [152992 2010-09-04] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [52104 2010-09-04] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [312904 2010-09-04] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [386712 2010-09-04] (McAfee, Inc.)
S1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [64304 2010-09-04] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [84264 2010-09-04] (McAfee, Inc.)
S1 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [164808 2010-09-04] (McAfee, Inc.)
S3 PTUMWBus; C:\Windows\System32\DRIVERS\PTUMWBus.sys [54544 2010-07-20] (DEVGURU Co., LTD.)
S3 PTUMWCDF; C:\Windows\System32\DRIVERS\PTUMWCDF.sys [22032 2010-07-20] (DEVGURU Co., LTD.)
S3 PTUMWCSP; C:\Windows\System32\DRIVERS\PTUMWCSP.sys [160400 2010-07-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTUMWFLT; C:\Windows\System32\DRIVERS\PTUMWFLT.sys [11920 2010-07-20] (DEVGURU Co., LTD.)
S3 PTUMWMdm; C:\Windows\System32\DRIVERS\PTUMWMdm.sys [160400 2010-07-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTUMWNET; C:\Windows\System32\DRIVERS\PTUMWNET.sys [115216 2010-07-20] (DEVGURU Co., LTD.)
S3 PTUMWNSP; C:\Windows\System32\DRIVERS\PTUMWNSP.sys [160400 2010-07-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTUMWVsp; C:\Windows\System32\DRIVERS\PTUMWVsp.sys [160400 2010-07-20] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [171776 2009-10-16] (SMI)
S3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11792 2009-07-16] (Windows ® Codename Longhorn DDK provider)
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
S3 BcmSqlStartupSvc; 
S2 IAStorDataMgrSvc; 
S2 IviRegMgr; 
S3 mfeavfk01; No ImagePath
S2 RichVideo; 
S3 SQLWriter; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-01-15 08:56 - 2014-01-15 08:56 - 00000000 ____D C:\FRST
2014-01-14 17:20 - 2013-11-30 07:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Brooke\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-14 17:11 - 2014-01-14 17:11 - 49940480 _____ C:\Program Files\GUTA9A7.tmp
2014-01-14 17:11 - 2014-01-14 17:11 - 00000000 ____D C:\Program Files\GUMA997.tmp
 
==================== One Month Modified Files and Folders =======
 
2014-01-15 08:56 - 2014-01-15 08:56 - 00000000 ____D C:\FRST
2014-01-15 05:50 - 2013-10-13 08:42 - 00001666 _____ C:\Users\Brooke\Desktop\Antivirus Security Pro.lnk
2014-01-15 05:50 - 2013-10-13 08:42 - 00000118 _____ C:\Users\Brooke\Desktop\Antivirus Security Pro support.url
2014-01-15 05:50 - 2012-07-14 09:09 - 00000000 ____D C:\Users\Brooke\AppData\Roaming\Spotify
2014-01-15 05:50 - 2012-06-08 14:54 - 00000000 ___RD C:\Users\Brooke\Dropbox
2014-01-15 05:50 - 2012-06-08 14:51 - 00000000 ____D C:\Users\Brooke\AppData\Roaming\Dropbox
2014-01-15 05:49 - 2010-10-15 09:48 - 00000439 _____ C:\Windows\System32\Drivers\etc\hosts.ics
2014-01-15 05:35 - 2009-07-13 20:34 - 00009920 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-15 05:35 - 2009-07-13 20:34 - 00009920 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-15 05:32 - 2010-07-21 09:32 - 00726444 _____ C:\Windows\System32\PerfStringBackup.INI
2014-01-15 05:30 - 2010-07-21 09:49 - 00001828 _____ C:\Users\Public\Desktop\McAfee Security Center.lnk
2014-01-15 05:28 - 2009-07-13 20:39 - 00102951 _____ C:\Windows\setupact.log
2014-01-14 17:11 - 2014-01-14 17:11 - 49940480 _____ C:\Program Files\GUTA9A7.tmp
2014-01-14 17:11 - 2014-01-14 17:11 - 00000000 ____D C:\Program Files\GUMA997.tmp
 
Some content of TEMP:
====================
C:\Users\Brooke\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Brooke\AppData\Local\Temp\eject.exe
C:\Users\Brooke\AppData\Local\Temp\GoogleChromeInstaller.exe
C:\Users\Brooke\AppData\Local\Temp\installhelper.dll
C:\Users\Brooke\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Brooke\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Brooke\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Brooke\AppData\Local\Temp\ocserter.dll
C:\Users\Brooke\AppData\Local\Temp\ose00000.exe
C:\Users\Brooke\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Brooke\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
C:\Users\Brooke\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Brooke\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Brooke\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Brooke\AppData\Local\Temp\tbmidi.dll
C:\Users\Brooke\AppData\Local\Temp\uninstall.exe
C:\Users\Brooke\AppData\Local\Temp\_is297.exe
C:\Users\Brooke\AppData\Local\Temp\_isE1BF.exe
C:\Users\Brooke\AppData\Local\Temp\{2041318C-B807-478B-A59C-F5B2B3C0FED4}-29.0.1547.66_28.0.1500.95_chrome_updater.exe
C:\Users\Brooke\AppData\Local\Temp\{EA653090-71E5-41F4-84B2-D3BBAD064294}-GoogleUpdateSetup.exe
C:\Users\Brooke\AppData\Local\Temp\~idle31931674.dll
C:\Users\Brooke\AppData\Local\Temp\~idle68935871.dll
 
 
==================== Known DLLs (Whitelisted) ============
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
4
Restore point made on: 2013-09-24 16:09:35
Restore point made on: 2013-10-05 17:12:27
Restore point made on: 2013-10-12 05:35:24
Restore point made on: 2013-10-13 06:53:53
 
==================== Memory info =========================== 
 
Percentage of memory in use: 16%
Total physical RAM: 2812.2 MB
Available physical RAM: 2345.48 MB
Total Pagefile: 2810.48 MB
Available Pagefile: 2355.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1937.98 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:105.1 GB) (Free:30.01 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:28.19 GB) NTFS
Drive g: (DRA) (Removable) (Total:14.63 GB) (Free:10.52 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.2 GB) (Free:0.15 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: FB2F2446)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=105 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=15 GB) - (Type=12)
 
========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0B)
 
 
LastRegBack: 2013-10-12 06:26
 
==================== End Of Log ============================

Please download the attached fixlist.txt and copy it to your flash drive.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

On Vista or Windows 7: Now please enter System Recovery Options (as you did before).

Run FRST64 or FRST (whichever one you're using) and press the Fix button just once and wait.

The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

See if the computer boots normally now and if so

MrC


Fixlog below:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-11-2013
Ran by SYSTEM at 2014-01-15 14:52:14 Run:1
Running from G:\
Boot Mode: Recovery
 
==============================================
 
Content of fixlist:
*****************
HKLM\...\Run: [dbclt] - "C:\Windows\System32\rundll32.exe" "C:\Users\Brooke\AppData\Roaming\dbclt.dll",get_sBIT 
HKLM\...\Run: [auioc] - "C:\Windows\System32\rundll32.exe" "C:\Users\Brooke\AppData\Roaming\auioc.dll",write_row 
HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe,,C:\ProgramData\7DaaUpn3\7DaaUpn3.exe -sm,
HKU\Brooke\...\Run: [auioc] - rundll32.exe "C:\Users\Brooke\AppData\Roaming\auioc.dll",write_row 
HKU\Brooke\...\Run: [dbclt] - rundll32.exe "C:\Users\Brooke\AppData\Roaming\dbclt.dll",get_sBIT 
HKU\Brooke\...\Run: [qhafvnwv] - C:\Users\Brooke\AppData\Local\hsjmvmag.exe [ 2013-10-13] ()
HKU\Brooke\...\Run: [AS2014] - C:\ProgramData\7DaaUpn3\7DaaUpn3.exe [ 2013-10-13] ()
HKLM\...\AppCertDlls: [cmdkrted] -> C:\Windows\System32\ocserter.dll [65024 2013-10-13] ()
C:\Users\Brooke\AppData\Roaming\dbclt.dll
C:\Users\Brooke\AppData\Roaming\auioc.dll
C:\ProgramData\7DaaUpn3\7DaaUpn3.exe 
C:\Users\Brooke\AppData\Roaming\auioc.dll
C:\Users\Brooke\AppData\Roaming\dbclt.dll
C:\Users\Brooke\AppData\Local\hsjmvmag.exe 
C:\ProgramData\7DaaUpn3\7DaaUpn3.exe 
C:\Windows\System32\ocserter.dll 
C:\ProgramData\7DaaUpn3
S3 BcmSqlStartupSvc; 
S2 IAStorDataMgrSvc; 
S2 IviRegMgr; 
S3 mfeavfk01; No ImagePath
S2 RichVideo; 
S3 SQLWriter; 
C:\Program Files\GUTA9A7.tmp
C:\Program Files\GUMA997.tmp
C:\Users\Brooke\Desktop\Antivirus Security Pro.lnk
C:\Users\Brooke\Desktop\Antivirus Security Pro support.url
C:\Users\Brooke\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Brooke\AppData\Local\Temp\eject.exe
C:\Users\Brooke\AppData\Local\Temp\GoogleChromeInstaller.exe
C:\Users\Brooke\AppData\Local\Temp\installhelper.dll
C:\Users\Brooke\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Brooke\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Brooke\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Brooke\AppData\Local\Temp\ocserter.dll
C:\Users\Brooke\AppData\Local\Temp\ose00000.exe
C:\Users\Brooke\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Brooke\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
C:\Users\Brooke\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Brooke\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Brooke\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Brooke\AppData\Local\Temp\tbmidi.dll
C:\Users\Brooke\AppData\Local\Temp\uninstall.exe
C:\Users\Brooke\AppData\Local\Temp\_is297.exe
C:\Users\Brooke\AppData\Local\Temp\_isE1BF.exe
C:\Users\Brooke\AppData\Local\Temp\{2041318C-B807-478B-A59C-F5B2B3C0FED4}-29.0.1547.66_28.0.1500.95_chrome_updater.exe
C:\Users\Brooke\AppData\Local\Temp\{EA653090-71E5-41F4-84B2-D3BBAD064294}-GoogleUpdateSetup.exe
C:\Users\Brooke\AppData\Local\Temp\~idle31931674.dll
C:\Users\Brooke\AppData\Local\Temp\~idle68935871.dll
 
*****************
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\dbclt => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\auioc => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Value was restored successfully.
HKU\Brooke\Software\Microsoft\Windows\CurrentVersion\Run\\auioc => Value deleted successfully.
HKU\Brooke\Software\Microsoft\Windows\CurrentVersion\Run\\dbclt => Value deleted successfully.
HKU\Brooke\Software\Microsoft\Windows\CurrentVersion\Run\\qhafvnwv => Value deleted successfully.
HKU\Brooke\Software\Microsoft\Windows\CurrentVersion\Run\\AS2014 => Value deleted successfully.
HKLM\System\ControlSet001\Control\Session Manager\AppCertDlls\\cmdkrted => Value deleted successfully.
C:\Users\Brooke\AppData\Roaming\dbclt.dll => Moved successfully.
C:\Users\Brooke\AppData\Roaming\auioc.dll => Moved successfully.
C:\ProgramData\7DaaUpn3\7DaaUpn3.exe  => Moved successfully.
"C:\Users\Brooke\AppData\Roaming\auioc.dll" => File/Directory not found.
"C:\Users\Brooke\AppData\Roaming\dbclt.dll" => File/Directory not found.
C:\Users\Brooke\AppData\Local\hsjmvmag.exe  => Moved successfully.
"C:\ProgramData\7DaaUpn3\7DaaUpn3.exe " => File/Directory not found.
C:\Windows\System32\ocserter.dll  => Moved successfully.
C:\ProgramData\7DaaUpn3 => Moved successfully.
BcmSqlStartupSvc => Service deleted successfully.
IAStorDataMgrSvc => Service deleted successfully.
IviRegMgr => Service deleted successfully.
mfeavfk01 => Service deleted successfully.
RichVideo => Service deleted successfully.
SQLWriter => Service deleted successfully.
C:\Program Files\GUTA9A7.tmp => Moved successfully.
C:\Program Files\GUMA997.tmp => Moved successfully.
C:\Users\Brooke\Desktop\Antivirus Security Pro.lnk => Moved successfully.
C:\Users\Brooke\Desktop\Antivirus Security Pro support.url => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\conduitinstaller.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\eject.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\GoogleChromeInstaller.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\installhelper.dll => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\MSETUP4.EXE => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\ocserter.dll => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\ose00000.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\SearchWithGoogleUpdate.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\SetupDataMngr_Searchqu.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\SpotifyUpgrader.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\SRAssetsHelper.dll => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\tbmidi.dll => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\uninstall.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\_is297.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\_isE1BF.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\{2041318C-B807-478B-A59C-F5B2B3C0FED4}-29.0.1547.66_28.0.1500.95_chrome_updater.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\{EA653090-71E5-41F4-84B2-D3BBAD064294}-GoogleUpdateSetup.exe => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\~idle31931674.dll => Moved successfully.
C:\Users\Brooke\AppData\Local\Temp\~idle68935871.dll => Moved successfully.
 
==== End of Fixlog ====

Good.....

Let's check your computer's security before you go, and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double-click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get "Unsupported operating system. Aborting now", just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
MrC

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

