Windows 7 Forums

Windows 7: I can't find the files I need to delete to get rid of some malware

28 May 2014   #1
mrwizard70

CA
 
 
I can't find the files I need to delete to get rid of some malware

I got a malware pack that the antivirus software I have used (awdware, Norton, Hitman Pro, Malwarebytes) can't get rid of. I am trying to manually uninstall it, but cannot find the files specified by the tutorials.
% %ProgramData%\*.
%CommonProgramFiles%\ComObjects*.exe
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\ Monkeytize.tlb
are some examples.
Is this because it's built off a different version of Windows?


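The paths quoted in post #1 are environment-variable patterns, and parts of them (such as AppData) are hidden by default, so they cannot be browsed to literally. The following is an added example, not part of the original thread or of the tutorials it mentions: a PowerShell script that expands two of the quoted patterns and lists any matches, hidden and system items included. The function name, the `(x86)` variant and the removal of the space after `Temp\` are assumptions; the incomplete `%ProgramData%` pattern is left out.

```powershell
# Added example, not from the thread. Lists matches only; deletes nothing.
# Patterns are copied from post #1. Assumptions: the space after "Temp\" is a
# typo, and the (x86) variant is added because the posted log shows x64.
$patterns = @(
    '%CommonProgramFiles%\ComObjects*.exe',
    '%CommonProgramFiles(x86)%\ComObjects*.exe',
    '%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\Monkeytize.tlb'
)

function Resolve-RemovalPattern {   # hypothetical helper name
    param([string]$Pattern)

    # Turn %Name% placeholders into the real folders on this machine.
    $expanded = [Environment]::ExpandEnvironmentVariables($Pattern)
    $status = 'no match'
    $found  = @()

    if ($expanded -match '%[^%\\]+%') {
        # ExpandEnvironmentVariables leaves undefined variables untouched.
        $status = 'variable not defined on this system'
    } else {
        # -Force returns hidden and system items, which Explorer and a plain
        # "dir" skip; AppData in the third pattern is hidden by default.
        $found = @(Get-ChildItem -Path $expanded -Force `
                     -ErrorAction SilentlyContinue -ErrorVariable lookupErrors |
                   ForEach-Object { $_.FullName })
        if ($found.Count -gt 0) {
            $status = 'found'
        } elseif ($lookupErrors.Count -gt 0) {
            # Category is e.g. PermissionDenied (prompt not elevated) or
            # ObjectNotFound (the file or a parent folder is absent).
            $status = [string]$lookupErrors[0].CategoryInfo.Category
        }
    }

    New-Object PSObject -Property @{
        Pattern = $Pattern; Expanded = $expanded; Status = $status; Found = $found
    }
}

$patterns | ForEach-Object { Resolve-RemovalPattern $_ } |
    Format-List Pattern, Expanded, Status, Found
```

Run it from an elevated PowerShell prompt, since the LocalService profile folder is not readable by a standard user.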

28 May 2014   #2
mrwizard70

CA
 
 

I have monkeytize, sv9 dilvery67 and more
28 May 2014   #3
cottonball

Windows 7 Home Premium
 
 

Please use the tool Zoek:
Download > Download zoek.exe version 5.0.0.0

When the Zoek.exe download appears, save to the Desktop.
On the Desktop, right-click Zoek.exe and select: Run as Administrator
Give it a few seconds to appear.

Disable your AntiVirus and AntiSpyware programs, so they don't interfere with the running of Zoek.exe.
You can find instructions on how to disable your security applications here:
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides

On the Zoek interface, click the Options button and place a checkmark only on the following options:

  • Do a Deep Scan
  • Installed Programs


Now...
  • Close any open Browsers.
  • Click the Run script button, and wait. It takes a few minutes to run the whole script.
  • When the tool finishes, the zoek-results.log is opened in Notepad.
  • The log is also found on the systemdrive, normally C:\
  • If a reboot is needed, the log is opened after the reboot.
Please post the zoek-results.log in your reply.


28 May 2014   #4
mrwizard70

CA
 
 
Log results

Code:
 
Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by Mark-Wegrich on Wed 05/28/2014 at 20:38:25.73.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Mark-Wegrich\Desktop\zoek.exe [Scan all users] [Checkboxes used]
 
==== System Restore Info ======================
 
5/28/2014 8:47:34 PM Zoek.exe System Restore Point Created Succesfully.
 
==== Installed Programs ======================
 
Adobe Flash Player 11 ActiveX 
Age of Mythology 
AMD Accelerated Video Transcoding 
AMD APP SDK Runtime 
AMD AVIVO64 Codecs 
AMD Catalyst Install Manager 
AMD Media Foundation Decoders 
AMD Steady Video Plug-In 
AMD USB 3.0 Device Detector 
AMD VISION Engine Control Center 
ArcSoft TotalMedia 
ArcSoft Webcam Sharing Manager 
Bonjour 
Broadcom 802.11 Wireless LAN Adapter 
Broadcom Bluetooth Software 
Broadcom Wireless Utility 
Catalyst Control Center - Branding 
Catalyst Control Center Graphics Previews Common 
Catalyst Control Center Localization All 
ccc-utility64 
CCC Help Chinese Standard 
CCC Help Chinese Traditional 
CCC Help Czech 
CCC Help Danish 
CCC Help Dutch 
CCC Help English 
CCC Help Finnish 
CCC Help French 
CCC Help German 
CCC Help Greek 
CCC Help Hungarian 
CCC Help Italian 
CCC Help Japanese 
CCC Help Korean 
CCC Help Norwegian 
CCC Help Polish 
CCC Help Portuguese 
CCC Help Russian 
CCC Help Spanish 
CCC Help Swedish 
CCC Help Thai 
CCC Help Turkish 
Cisco EAP-FAST Module 
Cisco LEAP Module 
Cisco PEAP Module 
D3DX10 
DayZ 
Device Access Manager for HP ProtectTools 
Don't Starve 
Drive Encryption For HP ProtectTools 
Dropbox 
Energy Star Digital Logo 
Evernote v. 4.5.4 
Face Recognition for HP ProtectTools 
File Sanitizer For HP ProtectTools 
Fraps (remove only) 
GIMP 2.8.10 
Google Chrome 
Google Talk Plugin 
Google Update Helper 
Hewlett-Packard ACLM.NET v1.1.2.0 
HitmanPro 3.7 
HP 3D DriveGuard 
HP Auto 
HP Connection Manager 
HP Customer Experience Enhancements 
HP Documentation 
HP ESU for Microsoft Windows 7 
HP HD Webcam Driver 
HP Hotkey Support 
HP Postscript Converter 
HP Power Assistant 
HP ProtectTools Security Manager 
HP Setup 
HP SoftPaq Download Manager 
HP Software Framework 
HP Software Setup 
HP Support Assistant 
HP System Default Settings 
HP Wallpaper 
IDT Audio 
Java 7 Update 45 
Java Auto Updater 
JMicron Flash Media Controller Driver 
Junk Mail filter update 
LogMeIn Hamachi 
Malwarebytes Anti-Malware version 2.0.2.1012 
Microsoft .NET Framework 4.5.1 
Microsoft Antimalware 
Microsoft Antimalware Service Multi-Language Pack 
Microsoft Application Error Reporting 
Microsoft OneDrive 
Microsoft Security Client 
Microsoft Security Client MUI Language Pack 
Microsoft Security Essentials 
Microsoft SQL Server 2005 Compact Edition [ENU] 
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 
Microsoft Visual C++ 2005 Redistributable 
Microsoft Visual C++ 2005 Redistributable (x64) 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 
Movie Maker 
MSVCRT 
MSVCRT_amd64 
MSVCRT110 
MSVCRT110_amd64 
MSXML 4.0 SP2 (KB954430) 
MSXML 4.0 SP2 (KB973688) 
MSXML4 Parser 
NVIDIA PhysX 
Open Broadcaster Software 
OpenOffice 4.0.1 
opensource 
Origin 
Overwolf 
PAYDAY: The Heist 
PDF Complete Corporate Edition 
Photo Common 
Photo Gallery 
PlanetSide 2 
Privacy Manager for HP ProtectTools 
Realtek Ethernet Controller All-In-One Windows Driver 
SDK 
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) 
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) 
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) 
Sid Meier's Civilization V 
SkypeT 6.3 
Source SDK Base 2006 
SPORET 
StarCraft II 
Steam 
Synaptics Pointing Device Driver 
System Update kb70007 
Team Fortress 2 
TeamSpeak 3 Client 
The Battle for Middle-earth (tm) II 
Theft Recovery for HP ProtectTools 
Validity Fingerprint Sensor Driver 
War Thunder 
Windows Live Communications Platform 
Windows Live Essentials 
Windows Live Family Safety 
Windows Live ID Sign-in Assistant 
Windows Live Installer 
Windows Live Mail 
Windows Live Messenger 
Windows Live MIME IFilter 
Windows Live Photo Common 
Windows Live PIMT Platform 
Windows Live SOXE 
Windows Live SOXE Definitions 
Windows Live UX Platform 
Windows Live UX Platform Language Pack 
Windows Live Writer 
Windows Live Writer Resources 
WinZip 15.0 
XSplit Broadcaster 
XSplit Gamecaster 
 
==== Running Processes ======================
 
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
C:\Program Files (x86)\MSR\Privoxy\privoxy.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Mark-Wegrich\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Mark-Wegrich\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Steam\vr\runtime\bin\vrserver.exe
c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Mark-Wegrich\Desktop\zoek.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe
 
==== System Specs ======================
 
Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 3533 MB
CPU Info: AMD A6-4400M APU with Radeon(tm) HD Graphics
CPU Speed: 2693.6 MHz
Sound Card: Speakers / HP (IDT High Definit | 
Communications Headphones (IDT | 
Display Adapters: AMD Radeon HD 7520G | AMD Radeon HD 7520G | AMD Radeon HD 7520G | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Broadcom 4313GN 802.11b/g/n 1x1 Wi-Fi Adapter | Bluetooth Personal Area Network | Realtek PCIe GBE Family Controller | Hamachi Network Interface
CD / DVD Drives: 1x (F: | ) F: hp CDDVDW SN-208DB
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 448.8GB | E: 2.0GB | G: 14.7GB
Hard Disks - Free: C: 299.7GB | E: 2.0GB | G: 2.2GB
Manufacturer *: Hewlett-Packard
BIOS Info: AT/AT COMPATIBLE | 09/14/11 | HPQOEM - 3
Time Zone: Pacific Standard Time
Motherboard *: Hewlett-Packard 17ED
Country: United States 
Language: ENU 
 
==== System Specs (Software) ======================
 
Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)
Anti-Spyware: Microsoft Security Essentials disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome    35.0.1916.114
Internet Explorer Version: 11.0.9600.17107 
Google Chrome version: 35.0.1916.114
Sun Java version: 1.7.0_45 (32-bit)
28 May 2014   #5
mrwizard70

CA
 
 

It's getting really really bad. I'm going to factory reset my computer if this doesn't work.
29 May 2014   #6
cottonball

Windows 7 Home Premium
 
 

You need to post the entire zoek-results.log in your reply...only got part of it!
02 Jun 2014   #7
andrew129260

Windows 7 Professional x64 Sp1
 
 

Quote: Originally Posted by mrwizard70
It's getting really really bad. I'm going to factory reset my computer if this doesn't work.

I always suggest that, if you are highly infected, you do this instead.

Especially if you know how.

Either way, up to you. We will be here to assist if wanted.