Jump to content

Recommended Posts

We seem to have 4 VERY persistent infections. Mind Spark, Ask.com & others. No amount of cleaning gets rid of the problems! Please Help!

After reinstalling Malwarebytes and scanning, it cleaned 327 items. Ran AdwCleaner it removed a bunch of threats. This morning 2 were right back so I ran AdwCleaner again and Hitmman pro after that and then 4 items were back. I am near my wits end!! The Hitman pro log is copied below.

	HitmanPro 3.7.15.281
	www.hitmanpro.com

	   Computer name . . . . : ACER-PC
	   Windows . . . . . . . : 10.0.0.14393.X64/4
	   User name . . . . . . : acer-PC\acer
	   UAC . . . . . . . . . : Enabled
	   License . . . . . . . : Free

	   Scan date . . . . . . : 2017-03-29 15:34:42
	   Scan mode . . . . . . : Normal
	   Scan duration . . . . : 10m 13s
	   Disk access mode  . . : Direct disk access (SRB)
	   Cloud . . . . . . . . : Internet
	   Reboot  . . . . . . . : No

	   Threats . . . . . . . : 0
	   Traces  . . . . . . . : 4

	   Objects scanned . . . : 2,076,381
	   Files scanned . . . . : 66,173
	   Remnants scanned  . . : 421,941 files / 1,588,267 keys

	Suspicious files ____________________________________________________________

	   C:\WINDOWS\SysWOW64\ASock32.OCX
	      Size . . . . . . . : 62,384 bytes
	      Age  . . . . . . . : 1097.1 days (2014-03-28 13:02:29)
	      Entropy  . . . . . : 5.7
	      SHA-256  . . . . . : 5DB604CEEE5C4502F7FB4DB77CDBBA70F0783AF3A92389749040167384ECDC9F
	      Product  . . . . . : ASOCKET
	      Publisher  . . . . : Mabry Software, Inc.
	      Description  . . . : Mabry ASocket Control
	      Version  . . . . . : 5.00.012
	      Copyright  . . . . : Copyright © 1996-1998 by Zane Thomas
	      RSA Key Size . . . : 512
	      LanguageID . . . . : 1033
	      Authenticode . . . : Self-signed
	      Fuzzy  . . . . . . : 26.0
	         Program is code signed with a weak certificate. This is common to malware.
	         Program is code self-signed.
	         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.

	   C:\WINDOWS\SysWOW64\GetHst32.OCX
	      Size . . . . . . . : 46,512 bytes
	      Age  . . . . . . . : 1097.1 days (2014-03-28 13:02:29)
	      Entropy  . . . . . : 5.5
	      SHA-256  . . . . . : 37643B0F7D6B680B79CC6F53A34E4F655E5649AC83703C5531E6598950076ED6
	      Product  . . . . . : GetHst
	      Publisher  . . . . : Mabry Software, Inc.
	      Description  . . . : Mabry Internet GetHst Control
	      Version  . . . . . : 5.00.007
	      Copyright  . . . . : Copyright © 1996-1998 by Mabry Software, Inc.
	      RSA Key Size . . . : 512
	      LanguageID . . . . : 1033
	      Authenticode . . . : Self-signed
	      Fuzzy  . . . . . . : 26.0
	         Program is code signed with a weak certificate. This is common to malware.
	         Program is code self-signed.
	         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.

	   C:\WINDOWS\SysWOW64\Mftp32.ocx
	      Size . . . . . . . : 75,696 bytes
	      Age  . . . . . . . : 1097.1 days (2014-03-28 13:02:29)
	      Entropy  . . . . . : 5.8
	      SHA-256  . . . . . : 6249744A37B44608E569160B7281D34AFA6BFDF625FF60237C400067575F54A5
	      Product  . . . . . : Mabry Internet FTP Control
	      Publisher  . . . . : Mabry Software, Inc.
	      Description  . . . : Mabry Internet FTP Control
	      Version  . . . . . : 5.00.015
	      Copyright  . . . . : Copyright © 1996-1998 by Zane Thomas
	      RSA Key Size . . . : 512
	      LanguageID . . . . : 1033
	      Authenticode . . . : Self-signed
	      Fuzzy  . . . . . . : 26.0
	         Program is code signed with a weak certificate. This is common to malware.
	         Program is code self-signed.
	         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.


	Potential Unwanted Programs _________________________________________________

	   HKU\S-1-5-21-4003829262-2848994777-1340562341-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)


Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.