
Trojan.Agent/Gen.Dropper found


47 replies to this topic

#1 sudsy

sudsy

  • Members
  • 452 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US East Coast
  • Local time:10:24 PM

Posted 22 December 2014 - 01:31 AM

Superantispyware reports this trojan. I have tried a Microsoft Security Essentials Full Scan but it keeps coming back. What should I do next?

 

Sudsy


UFO pilot



#2 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 22 December 2014 - 09:31 AM

Hello there
 
Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.
 
Step 1: Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go.
  • Post the log in your next reply.

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points
 
Step 2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

Step 3: Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

Step 4: Non-malware removal steps
 
Run System File Checker - http://support.microsoft.com/KB/929833
Run Disk Check - http://support.microsoft.com/kb/2641432
Run Disk Cleanup - http://windows.microsoft.com/en-gb/windows/delete-files-using-disk-cleanup

Thanks and good luck!



#3 sudsy

Posted 22 December 2014 - 02:58 PM

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Steve (administrator) on 22-12-2014 at 14:53:57
Running from "C:\Users\Steve\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

"Reset FF Proxy Settings": Firefox Proxy settings were reset.



=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - Agere Systems)
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.2.0.591 - Amazon Services LLC)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.1 - Auslogics Software Pty Ltd)
AVG PC TuneUp 2014 (en-US) (x32 Version: 14.0.1001.519 - AVG) Hidden
AVG Zen (Version: 1.0.329 - AVG Technologies) Hidden
BisonCam (HKLM-x32\...\{4A57592C-FF92-4083-97A9-92783BD5AFB4}) (Version: 6.64.0.05 - Bisont Electrocnics. Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version:  - Canon Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
eXtreme Burner - AVR 1.4.2 (HKLM\...\{420475CC-5F81-421A-86A8-42FC1E147679}_is1) (Version: 1.4.2 - eXtreme Electronics, India.)
FMW 1 (Version: 1.0.230 - AVG Technologies) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NETGEAR Zing Mobile Hotspot Driver Package (HKLM-x32\...\AC771SDrvInstaller) (Version: 3.0.1309.3881-5 - NETGEAR)
NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
O2Micro Flash Memory Card Reader Driver Installer(x64) (HKLM\...\{3F2B4DAD-88CB-4F5B-86B2-DF3384063EFA}) (Version: 3.09 - O2Micro)
OpenSSL 1.0.0l Light (32-bit) (HKLM-x32\...\OpenSSL Light (32-bit)_is1) (Version:  - OpenSSL Win32 Installer Team)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealFlight 7 R/C Simulator (HKLM-x32\...\RealFlight7Pro) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6278 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
ScanTool.net for Windows v1.13 (HKLM-x32\...\ScanTool.net for Windows) (Version: v1.13 - ScanTool.net, LLC)
Seagate DiscWizard (HKLM-x32\...\{8FB2A014-A0B0-42D8-8E18-9AFC6A6E2814}) (Version: 13.0.14387 - Seagate)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{E45C398D-F240-4829-B408-D158C6356832}) (Version: 6.5.3 - Silicon Laboratories, Inc.)
SlingPlayer for Web (HKLM-x32\...\{EF471CCE-B371-4BCC-AE8C-86F93D917184}) (Version: 2.4.0113 - Sling Media)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1144 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (x32 Version: 13.0.3020.7 - TuneUp Software) Hidden
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Vector Configuration Software (HKLM-x32\...\{D6797773-5F0D-44E4-BA09-20CBAD44E75C}) (Version: 11.48.00 - Eagle Tree Systems, LLC)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinAVR 20100110 (remove only) (HKLM-x32\...\WinAVR-20100110) (Version: 20100110 - )
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - 3D Robotics (usbser) Ports  (01/01/2012 1.0.0.0) (HKLM\...\EFAD5C0D97DF3AEB49E55E224DEA9DE0EEE097E2) (Version: 01/01/2012 1.0.0.0 - 3D Robotics)
Windows Driver Package - 3D Robotics (usbser) Ports  (01/01/2012 1.0.0.0) (HKLM\...\F58EFAC40E61FC25C13E08EE5CF9A612BF375AD8) (Version: 01/01/2012 1.0.0.0 - 3D Robotics)
Windows Driver Package - 3D Robotics (usbser) Ports  (03/28/2013 1.6.2.0) (HKLM\...\D4BE65E2BB029E9D50B48199CCFFE66D0F514A27) (Version: 03/28/2013 1.6.2.0 - 3D Robotics)
Windows Driver Package - 3D Robotics (usbser) Ports  (04/11/2013 2.0.0.4) (HKLM\...\434608CF2B6E31F0DDBA5C511053F957B55F098E) (Version: 04/11/2013 2.0.0.4 - 3D Robotics)
Windows Driver Package - 3D Robotics (usbser) Ports  (04/11/2013 2.0.0.4) (HKLM\...\FCBC924691E2F2C40A755779AA1E64588ED634A6) (Version: 04/11/2013 2.0.0.4 - 3D Robotics)
Windows Driver Package - 3D Robotics (usbser) Ports  (07/31/2013 2.0.0.3) (HKLM\...\3C34FF4EF99EAC8D565419CDF431F96703771360) (Version: 07/31/2013 2.0.0.3 - 3D Robotics)
Windows Driver Package - Arduino LLC (www.arduino.cc) (usbser) Ports  (11/15/2012 5.1.2600.0) (HKLM\...\1C403B82E4E446F5F271843776F81232792700B4) (Version: 11/15/2012 5.1.2600.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Arduino LLC (www.arduino.cc) (usbser) Ports  (11/15/2012 5.1.2600.0) (HKLM\...\4414E25DD1DDB3A149E9A6222CA82E070C630A02) (Version: 11/15/2012 5.1.2600.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Arduino LLC (www.arduino.cc) (usbser) Ports  (11/15/2012 5.1.2600.1) (HKLM\...\4D5C83CB44CE9278C27458316B8CCA4571BA7B39) (Version: 11/15/2012 5.1.2600.1 - Arduino LLC (www.arduino.cc))
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30) (HKLM\...\22CCD58B53472BE3FCAFF05631111C4062959A43) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (07/12/2013 2.08.30) (HKLM\...\BD00013670D26C16E19F284BF8E15DAF813497C7) (Version: 07/12/2013 2.08.30 - FTDI)
Windows Driver Package - Palm (WinUSB) Palm Devices  (10/09/2009 1.0.1) (HKLM\...\705BB4107F4B3FAEECCDB213EAD10359BBFF3BFA) (Version: 10/09/2009 1.0.1 - Palm)
Windows Driver Package - u-blox AG (ubloxusb) Ports  (07/03/2013 1.2.0.8) (HKLM\...\FD26D50F08971338088D01BEDED393EC9F9C4FA7) (Version: 07/03/2013 1.2.0.8 - u-blox AG)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
========================= Restore Points ==================================

18-12-2014 06:21:31 Scheduled Checkpoint
18-12-2014 23:53:44 Tweaking.com - Windows Repair
19-12-2014 01:06:43 Microsoft Antimalware Checkpoint
22-12-2014 02:02:30 Windows Update

**** End of log ****
 


UFO pilot

#4 sudsy

Posted 22 December 2014 - 03:03 PM

I have Malwarebytes full edition installed already. I have run that scan but will do that again right now.

 

I have also tried to do a Disk Cleanup and a Disk Check before I posted here. I HAVE NOT tried the Security Check download yet. I run Microsoft Security Essentials and it is up to date as well as all the other updates that were released last Tuesday.


UFO pilot

#5 sudsy

Posted 22 December 2014 - 03:34 PM

Ok I ran the Malwarebytes scan. It found one infection and I removed that. Then I restarted the machine but now I can't find a "History" tab on the Malwarebytes Pro dashboard. I see a "Logs" tab, but no history tab.


UFO pilot

#6 sudsy

Posted 22 December 2014 - 03:51 PM

notcheckup31.txt
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 


UFO pilot

#7 sudsy

Posted 22 December 2014 - 03:56 PM

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.12.22.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Steve :: NOTEBOOK-PC [administrator]

Protection: Enabled

12/22/2014 3:04:35 PM
mbam-log-2014-12-22 (15-04-35).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 363731
Time elapsed: 9 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Steve\AppData\Local\Temp\v\idlecrawler.exe (PUP.Optional.IdleCrawler) -> Quarantined and deleted successfully.

(end)
 


That is a Cut and Paste copy of the Malwarebytes scan log.


UFO pilot

#8 sudsy

Posted 22 December 2014 - 03:58 PM

I also ran a Full Scan with Microsoft Security Essentials as advised by MS before I ever posted here. It took over 2 hours.


Edited by sudsy, 22 December 2014 - 03:58 PM.

UFO pilot

#9 Guest_LighthouseParty_*

Posted 22 December 2014 - 04:34 PM

Can you try and run Security Check again please?

 

Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

Edited by LighthouseParty, 22 December 2014 - 04:35 PM.


#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,119 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:24 PM

Posted 22 December 2014 - 04:34 PM

Superantispyware reports this trojan.

It would be helpful if you can advise the specific file(s) name associated with the possible malware threat and where it is located (full file path) on your system.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#11 sudsy

Posted 22 December 2014 - 04:40 PM

Post #6 is the results from running Security Check.

 

I am on another machine typing this. That machine is running a Diskcheck right now.

 

I will try to get the "full path" information ASAP


UFO pilot

#12 sudsy

Posted 22 December 2014 - 04:49 PM

It may be gone. After the Check Disk I ran Superantispyware and it found no issues. Then I opened my email and browser (FF) and ran Superantispyware again. Again it shows nothing.

 

Fixed?  Let's hope so!

 

Thanks for the help

 

Sudsy


UFO pilot

#13 Guest_LighthouseParty_*

Posted 22 December 2014 - 04:52 PM

Hello there,

 

I wouldn't say it's "fixed". I would still like to check your machine for leftover malware.

 

There was an issue with your Security Check log in post #6, so that's why I've requested you to run it again.

 

Thanks,

Lighthouse Party



#14 sudsy

Posted 22 December 2014 - 04:55 PM

Will do right now!

 

Thanks


UFO pilot

#15 sudsy

Posted 22 December 2014 - 05:01 PM

notcheckup31.txt
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 

Same results.


UFO pilot



