Solved Possible Zeroaccess infection: denied access to MSE, update error

To fix this

[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=garys-new-iphone.local:6666;hxxps=garys-new-iphone.local:6666;socks=garys-new-iphone.local:5050) -> FOUND

Click the Fix Proxy button

It's AdwCleaner v3.000

ESET scan complete, no issues discovered

How about the Proxy issue on post # 41 did you click on Fix Proxy button inside RogueKiller ?

yes! that is resolved as well. I think that was left over from a couple years ago when i attempted to set up a proxy to connect my laptop to my iphone so i could use the internet. Everything looks great! anything else i should check up on before i mark this one solved?

Download HitManPro

64-Bit Version OS :ar: HitmanPro_x64

32-Bit Version OS :ar: HitmanPro

:ar: Save to the Desktop

:ar: Right click on HitmanPro.exe and choose

:ar: When HitmanPro opens up click on Settings uncheck Scan for tracking cookies . Click on OK . Then click on the Next button

:ar: Click on No, I only want to perform a one-time scan to check this computer on the Setup page . Click Next once done .

:ar: Let it scan the PC once its done Click Next

:ar: Click Activate free license to start the free 30 days trial and remove all the malicious files from your computer then click Next

Upload the log . Locate in C:\ ProgramData\Hitman Pro\Logs

2 hits. One of them looks like a false positive on JRT

Did it delete it ?

Download TFC below

Download link :ar: http://oldtimer.geekstogo.com/TFC.exe

Drag the TFC.exe from your Downloads folder to the Desktop

Right click on TFC.exe and choose

Click on the Start button

When its finished it will ask you to restart your PC if it doesn't restart manually .

Yes, HitManPro deleted JRT. Just completed TFC with nothing remarkable. report is below:
Getting user folders.

Stopping running processes.

Emptying Temp folders.


User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Laura
->Temp folder emptied: 1368085235 bytes
->Temporary Internet Files folder emptied: 758746647 bytes
->Java cache emptied: 46822 bytes
->FireFox cache emptied: 22723487 bytes
->Google Chrome cache emptied: 417919650 bytes
->Flash cache emptied: 8325495 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 166367 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 180920880 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33432 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42338339 bytes

Emptying RecycleBin. Do not interrupt.

RecycleBin emptied: 0 bytes
Process complete!

Total Files Cleaned = 2,670.00 mb


anything else I should do?

Lets redownload a fresh copy of FRST64.exe

Delete the old one first

Run Farbar Recovery Scan Tool


64-Bit Version OS Farbar Recovery Scan Tool x64 <===== Download Link

Drag the FRST64.exe from the Downloads folder to your Desktop

Right click on FRST64.exe and choose

When the tool opens click Yes on the disclaimer window .

Press Scan button.

FRST will let you know when the scan is complete and has written the FRST.txt to file


Please upload the log

as requested!

Open Notepad . Inside notepad paste the highlighted text below


start
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
CHR Plugin: (Default Plug-in) - default_plugin No File
R2 SSIRuntimeService; C:\Program Files (x86)\Software Secure, Inc\SSIRuntimeService\SSIRuntimeService.exe [40960 2011-03-01] ()
2013-08-14 00:43 - 2013-08-14 11:10 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-13 18:48 - 2013-08-13 18:48 - 00000000 ____D C:\Windows\TempD466FE7B-D70C-CC77-5817-1387CBF56E19-Signatures
end


Click on File select Save as

Save to : Desktop

File Name : Fixlist.txt

Save as type : All Files

Click on the Save button


Close Notepad.

Open FRST64.exe and click on the [Fix] button. Once its completed it will create a new log called Fixlog.txt upload this log

done

Lets run this

Run SecurityCheck

Click here :ar: SecurityCheck to Download

Place the file onto your desktop

Right-click the SecurityCheck choose

Press any key to continue

Once the scan is done . It will open up a text file copy and paste the text

Press Ctrl and A to select All of the text
Press Ctrl and C to copy the selected text
In your reply click on the message box and press Ctrl and V to Paste

Results of screen317's Security Check version 0.99.72
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
JavaFX 2.1.0
Java 7 Update 25
Adobe Reader XI
Mozilla Firefox (3.6.12) Firefox out of Date!
Google Chrome 28.0.1500.72
Google Chrome 28.0.1500.95
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

Mozilla Firefox (3.6.12) Firefox out of Date!

Might want to update your Firefox

just uninstalled it, never used it. Anything else or is this baby good?

I have asked someone to take a look to see if we are good. Hows the PC working as of late ?

working great. updates are working and MSE is running smoothly! Think this baby is set. BTW, can you take a quick gander at my other laptop's farnbar report? If you see anything funny i'll run the same steps u recommended before. Thanks!

I am not seeing anything but Id run RogueKiller , AdwCleaner and JRT.