krys
New Helpee
Posts: 25
|
Post by krys on Oct 23, 2014 16:47:19 GMT -8
Here is the AdwCleaner log... Also, my system is working well...no new attacks yet, no slew of Com Surrogates...
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 23, 2014 17:25:33 GMT -8
Please run AdwCleaner again (if you don't have it running from the last scan) and
a) Click the Scan Button and wait for the scan to finish, (If Adwcleaner has been left open at the finish of the scan this is already done).
b) Make sure in your case all the items under each TAB are ticked / checked EXCEPT the following:
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
(These belong to Norton and should be left alone.)
c) Click the Clean Button and Adwcleaner will process all the items ticked / checked and then may ask for the system to be restarted.
d) It should create a new log afterwards (with S0 in the name).
e) Please attach or copy the log into your reply here.
|
|
krys
New Helpee
Posts: 25
|
Post by krys on Oct 23, 2014 20:27:14 GMT -8
This is the second log from AdwCleaner:
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 23, 2014 22:26:32 GMT -8
Good news about your system but we are not done yet ... Step1 - Malwarebytes' Anti-MalwarePlease download the latest version of Malwarebytes' Anti-Malware from HereDouble Click on the mbam-setup.exe file to install the application. Do not check on the Trial of Professional version. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link Once the program has loaded and updated, select " Scan Now >>" to start the scan. The scan may take some time to finish, so please be patient. If any malware is found, you will be presented with a screen like the one below. Please click on the Export Log button and select the As text file from the dropdown list. I would suggest you save the file on your desktop (as we need the report attached here for review and it is easy to find on the desktop). After you have saved the report file, return to the Potential Threats Detected page and click on Cancel. You can close MBAM after that. Please attach the report file to a post here; I will review the file and script what needs to be removed.
|
|
krys
New Helpee
Posts: 25
|
Post by krys on Oct 24, 2014 13:49:01 GMT -8
Here is the Malwarebytes log:
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 24, 2014 15:10:43 GMT -8
This next step may take a while (just to warn you) ..... ESET Online does not work with IE 11 (Internet Explorer) at the moment (a few weeks ago anyway) so if you have IE 11, Chrome or Firefox has to be used instead. ESET Online does work with IE 10 and earlier. You can leave Norton Enabled even though ESET may warn about it. just makes the scan take longer. The pictures below showing what to click may be blue instead of green on the ESET website now, but the procedure is still the same Please read carefully and Slowly, Notice all the settings listed below to check before starting the scan. Stop and ask if you have any questions.Take note of the NO tick in the Remove found threats setting below at it needs to have the tick removed.
Hold down Control key and click on the following link to open ESET OnlineScan in a new window. Link =>> ESET OnlineScan << Click the Run ESET Online Scanner located on the left side of the page (not the free trial). For browsers other than Internet Explorer only: (Microsoft Internet Explorer users can skip this step) Click on the esetsmartinstaller link in the popup window that opens. Save it to your desktop. Double click on the icon on your desktop. Check (accept) the Terms of Use. Click the START button. Accept any security warnings from your browser. Now in the Computer scan settings window that appears:- Make sure that the option Enable detection of potentially unwanted applications is selected. Now click on Advanced Settings and configure the options as follows: Remove found threats is Not checkedScan archives is checkedScan for potentially unsafe applications is checkedEnable Anti-Stealth Technology is checkedNow click on: StartESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. When the scan is finished, if any threats are found you will see the screen below. Click to view the found threats. At the bottom of the listed threats, there is an option to save the results to a text file. Please do this so you can attach the results here for review and removal of the items that are not false positives (these will be scripted out so do not worry). Once the log text file is saved, return to the Scan Finished screen by clicking "<<Back", then click on the uninstall button and click Finish. Attach the saved log file in your next reply please. Thanks.
|
|
krys
New Helpee
Posts: 25
|
Post by krys on Oct 25, 2014 11:06:56 GMT -8
Here is my ESET log...
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 25, 2014 15:49:46 GMT -8
Download OTL from here on to the Desktop. Disable Norton / Symantec for say 30mins - (Right click on the Norton icon in the Notification tray and select Disable Protection; you turn this back on after the scan is finished) Start OTL, (Right click and from the menu choose "Run as Administrator") Click the Scan All Users checkbox. Change file age to 90 daysPress the Run Scan button. An OTL.txt and Extras.txt log files will be created. You can attach then to a post or copy_paste the logs text into a post here. If you have any problems come back and ask.
|
|
krys
New Helpee
Posts: 25
|
Post by krys on Oct 25, 2014 17:35:01 GMT -8
Here is OTL.txt and Extras.txt
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 25, 2014 19:08:42 GMT -8
Start OTL by right clicking on it and selecting "Run as Administrator".
Under Custom Scans/Fixes copy and paste the contents of the text file attached below (include the : at the start of :OTL and all the way to the end / bottom ([REBOOT] is the last command line)). The file is in the correct line by line layout to tell OTL to do what needs to be done. Once the text is pasted, click on the Red RUN FIX button.
The output log from the fix should be placed in the C:\_OTL\MovedFiles folder after the fix is done. The file is a text file with a .log extension.
|
|