Arkeat Posted November 23, 2015 ID:1003181 Share Posted November 23, 2015 This is my log. Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 11/23/2015Scan Time: 5:20 PMLogfile: d.txtAdministrator: Yes Version: 2.2.0.1024Malware Database: v2015.11.23.09Rootkit Database: v2015.11.23.01License: FreeMalware Protection: DisabledMalicious Website Protection: DisabledSelf-protection: Disabled OS: Windows 10CPU: x64File System: NTFSUser: Bryce Scan Type: Threat ScanResult: CompletedObjects Scanned: 348568Time Elapsed: 10 min, 37 sec Memory: EnabledStartup: EnabledFilesystem: EnabledArchives: EnabledRootkits: DisabledHeuristics: EnabledPUP: EnabledPUM: Enabled Processes: 0(No malicious items detected) Modules: 0(No malicious items detected) Registry Keys: 21PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK.1, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK.1, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK.1, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\LaunchPreSignup, , [3f36f988018a8da9f3c5ff8fcb381be5], PUP.Optional.Spigot, HKU\S-1-5-21-1355267718-3768092833-4180230419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{A8CC9878-F4D9-424D-A521-24870AFC3C97}, , [8ee7bfc28ffc4de9522b940a3ac92ed2], Registry Values: 1PUP.Optional.Spigot, HKU\S-1-5-21-1355267718-3768092833-4180230419-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{A8CC9878-F4D9-424D-A521-24870AFC3C97}|URL, https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms},, [8ee7bfc28ffc4de9522b940a3ac92ed2] Registry Data: 0(No malicious items detected) Folders: 0(No malicious items detected) Files: 6PUP.Optional.Spigot, C:\Users\Bryce\AppData\Local\Temp\offer-63F74DA8-63A0-4788-AEEE-A0D5658600EA.exe, , [84f13b46cac19e9822ea0f76699ba957], PUP.Optional.OpenCandy, C:\Users\Bryce\AppData\Local\Temp\HYDE82B.tmp.1447297453\HTA\install.1447297453.zip, , [92e3136e5b3081b583fc3dc22fd210f0], PUP.Optional.OpenCandy, C:\Users\Bryce\AppData\Local\Temp\HYDE82B.tmp.1447297453\HTA\3rdparty\OCComSDK.dll, , [9ed75f22454681b56e11659ae51c7090], PUP.Optional.PCMechanic, C:\Users\Bryce\AppData\Local\Temp\is-HDH37.tmp\pm-standalone-setup.exe, , [690c285990fbf83e8ba8e93060a131cf], PUP.Optional.PCMechanic, C:\Users\Bryce\Downloads\pcmechanicpm.exe, , [98dd4140a6e5c5713af9d74240c1a858], PUP.Optional.MyPCBackup, C:\Windows\System32\Tasks\LaunchPreSignup, , [adc8b1d0fd8ea096ddd91f6f71929769], Physical Sectors: 0(No malicious items detected) (end) Link to post Share on other sites More sharing options...
TwinHeadedEagle Posted November 23, 2015 ID:1003185 Share Posted November 23, 2015 Hello and Yes, you can remove all found malware. Also we can check your PC thoroughly: Please download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.Only one of them will run on your system, that will be the right version. Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted December 5, 2015 Root Admin ID:1005251 Share Posted December 5, 2015 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts