Jump to content

Recommended Posts

Hello and welome,

 

P2P/Piracy Warning:

 

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

 

Next,

 

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

Open Malwarebytes Anti-Malware, from the Dashboard please Check for Updates by clicking the Update Now... link

When the update completes select > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

 

 

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

 

When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

 

 

In most cases, a restart will be required.

 

 

Wait for the prompt to restart the computer to appear, then click on Yes.

 

 

When the scan is completed from the main GUI click on History > Application Logs. Find your Scan log, the date when run will identify it. Checkmark "select" box > then hit the "view" button. The history log window will open. At the bottom of that window are two options, "Copy to clipboard" and "Export"

Select > "Copy to clipboard" that copies the full log to the windows clipboard, so at your reply you right click into the text field and select "Paste" the log is pasted (copied) to  your reply.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button.
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts. (re-enable when done)
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:

https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:

https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en'>https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

 

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window

In the "Scan Type" window, select Quick Scan

Perform a scan and  Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

 

1) Select the Windows key and R key together to open the "Run" function

2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

 

notepad c:\windows\debug\mrt.log

 

Let me see those logs, also give an update on any remaining issues or concerns.....

 

Thank you,

 

Kevin

 

 

 

 

 

Fixlist.txt

Link to post
Share on other sites

A lot of restarts are needed throughout your entire listed process. I will attach fixlog.txt and post my MBAM scan log now before continuing. MBAM is updated and settings are as you said they should be.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 2/1/2015
Scan Time: 2:55:17 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.02.01.06
Rootkit Database: v2015.01.14.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jake
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 368950
Time Elapsed: 21 min, 36 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 2
PUP.Optional.SearchApp.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, Quarantined, [86cbad4a781175c1533ef4a273908977], 
PUP.Optional.SearchApp.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, Quarantined, [ada471864f3a0135aee3dfb71be85ba5], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Fixlog.txt

Link to post
Share on other sites

Attaching contents of AdwCleaner. Let it be noted that upon restart, my homepage changed from default google to 'yaimo', which I have never heard of.

 

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Fighters
Folder Deleted : C:\ProgramData\LuucakyCoupoon
Folder Deleted : C:\ProgramData\15c2d18d058a1785
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\TidyNetwork
Folder Deleted : C:\Windows\SysWOW64\hotspot shield
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\hotspot shield
Folder Deleted : C:\Program Files\002
Folder Deleted : C:\Users\Jake\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Jake\Documents\Optimizer Pro
File Deleted : C:\Windows\System32\drivers\taphss6.sys
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : update-sys
Task Deleted : update-S-1-5-21-145773722-2116051232-14759766-1003
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Lightshot]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522032268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522302298}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566036668}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566306698}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522032268}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522302298}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566036668}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566306698}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Compete
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Lightspark Team
Key Deleted : HKLM\SOFTWARE\VBMZ
Key Deleted : HKLM\SOFTWARE\visualbee
Key Deleted : HKLM\SOFTWARE\Information
Key Deleted : HKLM\SOFTWARE\SPPDCOM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Deleted : [x64] HKLM\SOFTWARE\AllDaySavings 
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [First Home Page]
 
-\\ Google Chrome v39.0.2171.95
 
 
*************************
 
AdwCleaner[s0].txt - [10003 octets] - [01/02/2015 15:34:32]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10064 octets] ##########
Link to post
Share on other sites

JRT results posted next. The entire program was run through the cmd menu. I assume this is normal.

 

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Fighters
Folder Deleted : C:\ProgramData\LuucakyCoupoon
Folder Deleted : C:\ProgramData\15c2d18d058a1785
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\TidyNetwork
Folder Deleted : C:\Windows\SysWOW64\hotspot shield
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\hotspot shield
Folder Deleted : C:\Program Files\002
Folder Deleted : C:\Users\Jake\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Jake\Documents\Optimizer Pro
File Deleted : C:\Windows\System32\drivers\taphss6.sys
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : update-sys
Task Deleted : update-S-1-5-21-145773722-2116051232-14759766-1003
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Lightshot]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522032268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522302298}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566036668}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566306698}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522032268}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522302298}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566036668}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566306698}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Compete
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Lightspark Team
Key Deleted : HKLM\SOFTWARE\VBMZ
Key Deleted : HKLM\SOFTWARE\visualbee
Key Deleted : HKLM\SOFTWARE\Information
Key Deleted : HKLM\SOFTWARE\SPPDCOM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Deleted : [x64] HKLM\SOFTWARE\AllDaySavings 
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [First Home Page]
 
-\\ Google Chrome v39.0.2171.95
 
 
*************************
 
AdwCleaner[s0].txt - [10003 octets] - [01/02/2015 15:34:32]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10064 octets] ##########
Link to post
Share on other sites

My bad, I accidentally reposted the adw results... here is the JRT log.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Jake on Sun 02/01/2015 at 15:41:33.24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/01/2015 at 15:46:40.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to post
Share on other sites

Lastly, Microsoft's Malicious software removal tool log. Let it be noted that skype has been either disabled or logged off of since the beginning of these processes because I was unsure of it being a P2P program or not(skype.exe is also linked to of one of these problems). Here is the log.

 

 
---------------------------------------------------------------------------------------
 
Microsoft Windows Malicious Software Removal Tool v4.21, June 2013
Started On Thu Jun 13 06:49:05 2013
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Thu Jun 13 06:50:41 2013
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
 
Microsoft Windows Malicious Software Removal Tool v4.22, July 2013
Started On Wed Jul 10 11:57:57 2013
->Scan ERROR: resource process://pid:5972 (code 0x00000005 (5))
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Jul 10 11:59:42 2013
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.2, July 2013 (build 5.2.9201.0)
Started On Sun Jul 14 07:35:27 2013
 
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Sun Jul 14 07:37:18 2013
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.3, August 2013 (build 5.3.9301.0)
Started On Thu Aug 15 03:01:33 2013
 
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Thu Aug 15 03:02:51 2013
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.4, September 2013 (build 5.4.9400.0)
Started On Wed Sep 11 19:05:54 2013
 
Engine: 1.1.9800.0
Signatures: 1.157.932.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 11 19:07:51 2013
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.5, October 2013 (build 5.5.9502.0)
Started On Fri Oct 18 05:53:40 2013
 
Engine: 1.1.9901.0
Signatures: 1.159.530.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Fri Oct 18 05:55:15 2013
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.6, November 2013 (build 5.6.9603.0)
Started On Thu Nov 14 03:00:52 2013
 
Engine: 1.1.10003.0
Signatures: 1.161.1618.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Thu Nov 14 03:02:04 2013
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.7, December 2013 (build 5.7.9701.0)
Started On Sun Dec 15 03:01:05 2013
 
Engine: 1.1.10100.0
Signatures: 1.163.1013.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Sun Dec 15 03:02:31 2013
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.8, January 2014 (build 5.8.9803.0)
Started On Fri Jan 17 03:00:58 2014
 
Engine: 1.1.10201.0
Signatures: 1.165.1273.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Fri Jan 17 03:02:23 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.9, February 2014 (build 5.9.9902.0)
Started On Sat Feb 15 03:00:42 2014
 
Engine: 1.1.10201.0
Signatures: 1.165.3163.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Sat Feb 15 03:02:04 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.10, March 2014 (build 5.10.10001.0)
Started On Wed Mar 19 03:00:53 2014
 
Engine: 1.1.10302.0
Signatures: 1.167.1001.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Mar 19 03:02:09 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.11, April 2014 (build 5.11.10100.0)
Started On Thu Apr 10 15:20:40 2014
 
Engine: 1.1.10401.0
Signatures: 1.169.1258.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Thu Apr 10 15:24:05 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.11, April 2014 (build 5.11.10100.0)
Started On Sun Apr 20 03:01:48 2014
 
Engine: 1.1.10401.0
Signatures: 1.169.1258.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Sun Apr 20 03:03:31 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.12, May 2014 (build 5.12.10200.0)
Started On Thu May 15 03:02:57 2014
 
Engine: 1.1.10502.0
Signatures: 1.173.1305.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Thu May 15 03:05:04 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.13, June 2014 (build 5.13.10300.0)
Started On Wed Jun 11 15:05:01 2014
 
Engine: 1.1.10600.0
Signatures: 1.175.1113.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Jun 11 15:07:40 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.14, July 2014 (build 5.14.10402.0)
Started On Wed Jul 09 03:04:49 2014
 
Engine: 1.1.10701.0
Signatures: 1.177.949.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Jul 09 03:07:00 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.15, August 2014 (build 5.15.10500.0)
Started On Wed Aug 13 03:09:35 2014
 
Engine: 1.1.10802.0
Signatures: 1.179.1796.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Aug 13 03:13:02 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.16, September 2014 (build 5.16.10602.0)
Started On Thu Sep 11 03:01:46 2014
 
Engine: 1.1.10904.0
Signatures: 1.183.882.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 11 03:16:46 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.17, October 2014 (build 5.17.10700.0)
Started On Wed Oct 15 03:02:02 2014
 
Engine: 1.1.11005.0
Signatures: 1.185.2035.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Oct 15 03:19:52 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.18, November 2014 (build 5.18.10802.0)
Started On Wed Nov 12 03:02:19 2014
 
Engine: 1.1.11104.0
Signatures: 1.187.1116.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Nov 12 03:08:05 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.19, December 2014 (build 5.19.10902.0)
Started On Wed Dec 10 03:05:03 2014
 
Engine: 1.1.11202.0
Signatures: 1.189.872.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Dec 10 03:12:37 2014
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)
Started On Wed Jan 14 03:01:53 2015
 
Engine: 1.1.11302.0
Signatures: 1.191.1276.0
 
Results Summary:
----------------
No infection found.
Microsoft Windows Malicious Software Removal Tool Finished On Wed Jan 14 03:11:38 2015
 
 
Return code: 0 (0x0)
 
---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.20, January 2015 (build 5.20.11000.0)
Started On Sun Feb 01 15:54:07 2015
 
Engine: 1.1.11302.0
Signatures: 1.191.1276.0
 
Results Summary:
----------------
No infection found.
Link to post
Share on other sites

I logged back into skype and recieved a website block within 5 minutes from the same website regarding skype.exe. I have yet to see an svchost.exe appear. I will post a protection log from today, maybe that will help.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
 
Detection, 2/1/2015 12:00:18 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:00:18 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:00:20 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:00:24 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:00:58 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:01:00 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:01:04 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:11:08 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:11:08 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:11:10 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:11:10 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:11:14 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:11:14 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:11:48 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:11:49 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:11:50 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:11:50 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:11:54 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:11:55 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Update, 2/1/2015 12:13:19 AM, SYSTEM, OWNER-PC, Scheduler, Malware Database, 2015.1.31.6, 2015.2.1.1, 
Protection, 2/1/2015 12:13:20 AM, SYSTEM, OWNER-PC, Protection, Refresh, Starting, 
Protection, 2/1/2015 12:13:20 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 2/1/2015 12:13:20 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 2/1/2015 12:13:57 AM, SYSTEM, OWNER-PC, Protection, Refresh, Success, 
Protection, 2/1/2015 12:13:58 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 12:13:58 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Detection, 2/1/2015 12:21:18 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:21:18 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:21:20 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:21:24 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:22:00 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:22:02 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:22:06 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:31:30 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:31:30 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:31:32 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:31:32 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:31:36 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:31:36 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:32:10 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:32:10 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:32:12 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:32:12 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:32:16 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:41:40 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:41:42 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:41:46 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:42:20 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:42:22 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:42:26 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:52:17 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:52:17 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:52:19 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:52:19 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:52:23 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:52:23 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:52:57 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:52:57 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:52:59 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:52:59 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:53:03 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:53:03 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:54:58 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:54:58 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:55:00 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:55:00 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:55:04 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:55:04 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 12:55:39 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:55:41 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 12:55:45 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:05:40 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:05:42 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:05:46 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:06:20 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:06:20 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:06:22 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:06:22 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:06:26 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:06:26 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:16:39 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:16:40 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:16:44 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:17:19 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:17:21 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:17:25 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:26:47 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:26:49 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:26:53 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:27:28 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:27:28 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:27:30 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:27:30 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:27:34 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:27:34 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:36:56 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:36:56 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:36:58 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:36:58 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:37:02 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:37:02 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:37:37 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:37:39 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:37:43 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:48:09 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:48:11 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:48:15 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:48:15 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:48:49 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:48:49 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:48:51 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:48:51 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:48:55 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:48:55 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:55:23 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:55:23 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:55:25 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:55:25 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:55:29 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:55:29 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 1:58:29 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:58:31 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:58:35 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:59:09 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:59:11 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 1:59:15 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 2:08:51 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 2:08:53 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 2:08:57 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 2:09:31 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 2:09:31 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 2:09:33 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 2:09:33 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 2:09:37 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 2:09:37 AM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Update, 2/1/2015 2:33:05 PM, SYSTEM, OWNER-PC, Scheduler, Failed, Unable to access update server, 
Protection, 2/1/2015 2:47:48 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Starting, 
Protection, 2/1/2015 2:47:49 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Started, 
Protection, 2/1/2015 2:47:49 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 2:47:49 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Update, 2/1/2015 2:52:45 PM, SYSTEM, OWNER-PC, Manual, Malware Database, 2015.2.1.1, 2015.2.1.6, 
Protection, 2/1/2015 2:52:45 PM, SYSTEM, OWNER-PC, Protection, Refresh, Starting, 
Protection, 2/1/2015 2:52:45 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 2/1/2015 2:52:45 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 2/1/2015 2:53:20 PM, SYSTEM, OWNER-PC, Protection, Refresh, Success, 
Protection, 2/1/2015 2:53:20 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 2:53:20 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Scan, 2/1/2015 3:18:24 PM, SYSTEM, OWNER-PC, Manual, Start:2/1/2015 2:55:17 PM, Duration:21 min 36 sec, Threat Scan, Completed, 0 Malware Detections, 2 Non-Malware Detections, 
Protection, 2/1/2015 3:21:09 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Starting, 
Protection, 2/1/2015 3:21:09 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Started, 
Protection, 2/1/2015 3:21:09 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 3:21:10 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Protection, 2/1/2015 3:36:39 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Starting, 
Protection, 2/1/2015 3:36:40 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Started, 
Protection, 2/1/2015 3:36:40 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 3:36:41 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Protection, 2/1/2015 3:40:33 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Stopping, 
Protection, 2/1/2015 3:40:33 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Stopped, 
Protection, 2/1/2015 3:40:35 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 2/1/2015 3:40:36 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 2/1/2015 4:10:22 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Starting, 
Protection, 2/1/2015 4:10:22 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Started, 
Protection, 2/1/2015 4:10:24 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 4:10:24 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Detection, 2/1/2015 4:12:32 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 4:12:32 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
 
(end)
Link to post
Share on other sites

Probably only this part of the log should be considered, as it is when the scan was completed.

 

Scan, 2/1/2015 3:18:24 PM, SYSTEM, OWNER-PC, Manual, Start:2/1/2015 2:55:17 PM, Duration:21 min 36 sec, Threat Scan, Completed, 0 Malware Detections, 2 Non-Malware Detections, 
Protection, 2/1/2015 3:21:09 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Starting, 
Protection, 2/1/2015 3:21:09 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Started, 
Protection, 2/1/2015 3:21:09 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 3:21:10 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Protection, 2/1/2015 3:36:39 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Starting, 
Protection, 2/1/2015 3:36:40 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Started, 
Protection, 2/1/2015 3:36:40 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 3:36:41 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Protection, 2/1/2015 3:40:33 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Stopping, 
Protection, 2/1/2015 3:40:33 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Stopped, 
Protection, 2/1/2015 3:40:35 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 2/1/2015 3:40:36 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 2/1/2015 4:10:22 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Starting, 
Protection, 2/1/2015 4:10:22 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Started, 
Protection, 2/1/2015 4:10:24 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 4:10:24 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Detection, 2/1/2015 4:12:32 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 4:12:32 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
 
(end)
Link to post
Share on other sites

Unfortunately Skype does have P2P qualities, as such it did not take malware writers long to take advantage, the IP address being blocked (193.107.16.242) is from the Russian Federation and is listed as dangerous. If you continue using Skype this issue will continue, at least take solice from the fact that Malwarebytes blocks the malicious connection attempt.

The only real answer is to stop using Skye and uninstall it, obviously that is your decision.... Let me know what you decide..

Link to post
Share on other sites

Actually, svchost has made a reappearance... it seems to be incoming from the same IP address. Does this mean it is also linked to skype? Heres a bit of the recent protection log. It seems to have come back while I was idol watching the Super Bowl.

 

 
Protection, 2/1/2015 2:53:20 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Scan, 2/1/2015 3:18:24 PM, SYSTEM, OWNER-PC, Manual, Start:2/1/2015 2:55:17 PM, Duration:21 min 36 sec, Threat Scan, Completed, 0 Malware Detections, 2 Non-Malware Detections, 
Protection, 2/1/2015 3:21:09 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Starting, 
Protection, 2/1/2015 3:21:09 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Started, 
Protection, 2/1/2015 3:21:09 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 3:21:10 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Protection, 2/1/2015 3:36:39 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Starting, 
Protection, 2/1/2015 3:36:40 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Started, 
Protection, 2/1/2015 3:36:40 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 3:36:41 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Protection, 2/1/2015 3:40:33 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Stopping, 
Protection, 2/1/2015 3:40:33 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Stopped, 
Protection, 2/1/2015 3:40:35 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 2/1/2015 3:40:36 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 2/1/2015 4:10:22 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Starting, 
Protection, 2/1/2015 4:10:22 PM, SYSTEM, OWNER-PC, Protection, Malware Protection, Started, 
Protection, 2/1/2015 4:10:24 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 4:10:24 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Detection, 2/1/2015 4:12:32 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 4:12:32 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 5:12:15 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 5:12:17 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 5:12:21 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 5:31:19 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Update, 2/1/2015 5:31:30 PM, SYSTEM, OWNER-PC, Scheduler, Malware Database, 2015.2.1.6, 2015.2.1.7, 
Protection, 2/1/2015 5:31:30 PM, SYSTEM, OWNER-PC, Protection, Refresh, Starting, 
Protection, 2/1/2015 5:31:30 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 2/1/2015 5:31:30 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 2/1/2015 5:32:02 PM, SYSTEM, OWNER-PC, Protection, Refresh, Success, 
Protection, 2/1/2015 5:32:03 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Starting, 
Protection, 2/1/2015 5:32:03 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, Started, 
Detection, 2/1/2015 6:09:40 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 6:09:41 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 6:09:49 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 6:09:49 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 6:10:22 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 6:10:22 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 6:10:24 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 6:10:24 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 6:10:27 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 6:10:27 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 6:53:33 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 6:53:34 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 6:53:35 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 6:53:36 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 6:53:39 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 6:53:39 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 6:54:13 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 6:54:13 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 6:54:16 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 6:54:16 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 6:54:19 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 6:54:19 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 7:36:33 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 7:36:33 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 7:36:39 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 7:36:39 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 7:37:12 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 7:37:12 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 7:37:14 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 7:37:14 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 7:37:18 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 7:37:18 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 7:37:19 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:07:37 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:07:37 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:07:40 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:07:40 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:07:43 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:07:43 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:08:18 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:08:18 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:08:20 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:08:20 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:08:24 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:08:25 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:29:17 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:29:17 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:29:20 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:29:20 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:29:23 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:29:23 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:36:17 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:36:17 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:36:19 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:36:19 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:36:23 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:36:23 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:36:59 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:36:59 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:37:00 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:37:00 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 8:37:05 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 8:37:05 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:07:45 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 9:07:45 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:07:47 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 9:07:47 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:07:51 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 9:07:51 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:08:25 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 9:08:25 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:08:27 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 9:08:27 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:08:31 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 9:08:31 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:37:18 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 9:37:18 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:37:18 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:37:20 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 9:37:20 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:37:20 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:37:24 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 9:37:24 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:37:24 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:38:01 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 9:38:01 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:38:01 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:38:03 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 9:38:03 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:38:03 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:38:07 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 9:38:07 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 9:38:07 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 10:11:50 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 10:11:50 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 10:11:50 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 10:11:52 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 10:11:52 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 10:11:52 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 10:11:56 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 10:11:56 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 10:11:56 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 10:12:30 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 10:12:30 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 10:12:30 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 10:12:32 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 10:12:32 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 10:12:32 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 10:12:36 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, 
Detection, 2/1/2015 10:12:36 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
Detection, 2/1/2015 10:12:36 PM, SYSTEM, OWNER-PC, Protection, Malicious Website Protection, IP, 193.107.16.242, 27765, Inbound, C:\Windows\System32\svchost.exe, 
 
(end)
Link to post
Share on other sites

Just be sure and before we clean up run the following:

 

run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin.

 

(To run ESET Online Scanner in a browser other than Internet Explorer, you'll need to download ESET SMART  Installer during the process)

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 


Turn off the real time scanner of any existing antivirus program while performing the online scan
click on the Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the add/on to be installed
Click Start
Make sure that the option "Remove found threats"  is UNticked
Click on Advanced Settings, ensure the following options are checked:
 
Scan for potentially unsafe applications
Enable Anti-Stealth Technology
Click Scan
wait for the virus definitions to be downloaded
Wait for the scan to finish

 

When the scan is complete

 


If no threats were found
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

 

If threats were found

 


click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
Click on back
put a checkmark in "Uninstall application on close"
click on finish

 

close program

 

Copy and paste the report in next reply.

 

Kevin...

Link to post
Share on other sites

Thanks for the log, we only need to remove entries that are not already quarantined, run the following:

 

Download OTM from either of the following links and save to your Desktop: (If your security alerts to OTM, either accept the alert or turn off security to allow OTM to run)

http://oldtimer.geekstogo.com/OTM.exe.
http://www.itxassociates.com/OT-Tools/OTM.com
http://www.itxassociates.com/OT-Tools/OTM.exe  

Double click OTM.exe to start the tool. Vista or Windows 7 users accepy UAC alert. Be aware all processes will be stopped during run, also Desktop will disappear, this will be put back on completion.... If your security alerts to OTM either, accept the alert or turn off security until OTM completes...

  • Copy the text from the code box belowbelow to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Ensure to start with and include the colon before Files :Files

    :FilesC:\$Recycle.Bin\S-1-5-21-145773722-2116051232-14759766-1000\$RRGBR5T.exeC:\Config.Msi\5ea5b8b.rbf    C:\Config.Msi\5ea5b8c.rbf    C:\Config.Msi\5ea5b8d.rbf    C:\Config.Msi\5ea5b8e.rbf    C:\Config.Msi\5ea5b8f.rbf    C:\Config.Msi\5ea5b90.rbf    C:\Config.Msi\5ea5b91.rbf    C:\Config.Msi\5ea5b92.rbf    C:\Config.Msi\5ea5b93.rbf    C:\Config.Msi\5ea5b96.rbf    C:\Config.Msi\5ea5b97.rbf    C:\Config.Msi\5ea5b98.rbfC:\Windows\Installer\MSI4C4.tmp    C:\Windows\Installer\MSICF31.tmp    C:\Windows\System32\CCX2Xww1SFf0TEjzkA1j.exe    C:\Windows\System32\Adobe\Shockwave 12\gt.exe    C:\Windows\SysWOW64\CCX2Xww1SFf0TEjzkA1j.exe    C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe:Commands[EmptyTemp]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red btnmoveit.png button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTM


Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.
 

Let me see that log, also let me know if any remaining issues or concerns. If none I gues we can clean up...

 

Thank you,

 

Kevin...

Link to post
Share on other sites

That file c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log could not be found on my computer, although OTM opened a .txt file upon restart. Here are its contents.

 

All processes killed

========== FILES ==========
C:\$Recycle.Bin\S-1-5-21-145773722-2116051232-14759766-1000\$RRGBR5T.exe moved successfully.
C:\Config.Msi\5ea5b8b.rbf moved successfully.
C:\Config.Msi\5ea5b8c.rbf moved successfully.
C:\Config.Msi\5ea5b8d.rbf moved successfully.
C:\Config.Msi\5ea5b8e.rbf moved successfully.
C:\Config.Msi\5ea5b8f.rbf moved successfully.
C:\Config.Msi\5ea5b90.rbf moved successfully.
C:\Config.Msi\5ea5b91.rbf moved successfully.
C:\Config.Msi\5ea5b92.rbf moved successfully.
C:\Config.Msi\5ea5b93.rbf moved successfully.
C:\Config.Msi\5ea5b96.rbf moved successfully.
C:\Config.Msi\5ea5b97.rbf moved successfully.
C:\Config.Msi\5ea5b98.rbf moved successfully.
C:\Windows\Installer\MSI4C4.tmp moved successfully.
C:\Windows\Installer\MSICF31.tmp moved successfully.
C:\Windows\System32\CCX2Xww1SFf0TEjzkA1j.exe moved successfully.
C:\Windows\System32\Adobe\Shockwave 12\gt.exe moved successfully.
File/Folder C:\Windows\SysWOW64\CCX2Xww1SFf0TEjzkA1j.exe not found.
File/Folder C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Jake
->Temp folder emptied: 78056722 bytes
->Temporary Internet Files folder emptied: 56494955 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 366745193 bytes
->Flash cache emptied: 58168 bytes
 
User: Owner
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1715977 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 95268 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 480.00 mb
 
 
OTM by OldTimer - Version 3.1.21.0 log created on 02022015_175618
 
Files moved on Reboot...
C:\Users\Jake\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Jake\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
 
Registry entries deleted on Reboot...
Link to post
Share on other sites

Run the following to clean up:

 

Download "Delfix by Xplode" and save it to your desktop.

 

Or use the following if first link is down:

 

"Delfix link mirror"

 

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 

 


    Remove disinfection tools
    Purge System Restore
    Reset system settings

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. We don't need you to post this.

 

Any remnant files/logs from tools we have used can be deleted

 

Next,

 

Read the following link to fully understand PC security and best practices, you may find it useful....

 

http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/#entry2316629

 

Let me know if we can close out....

 

Thank you,

 

Kevin....

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.