v3.000
Anything else or is this one officially solved!?
That was a recent update. I have 2.306
Usually it says there is an update.
OK, on the new version 3.000, click on the Clean button.
Done and done, reports are a few posts back.
Run Malwarebytes
Download Link MalwareBytes
When the installation is done, uncheck Enable free trial of Malwarebytes (see image below)
Update the definitions and do a full scan
On the Scanner tab:
Make sure the "Perform Full Scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply and exit MBAM.
Log looks like this: mbam-log-yyyy-mm-dd
Log located: C:\Users\{Your UserName}\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs or C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs
Looks clean:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.08.14.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Laura :: LAURA-PC [administrator]
8/14/2013 2:22:12 AM
mbam-log-2013-08-14 (02-22-12).txt
Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 427650
Time elapsed: 1 hour(s), 52 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : Forum
Website : RogueKiller download
Blog : tigzy-RK
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Laura [Admin rights]
Mode : Scan -- Date : 08/14/2013 11:16:05
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 4 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD2500BEVT-22A23T0 +++++
--- User ---
[MBR] 198eb29d567c674079b92f63af980bf1
[BSP] 658a376a6fa05f4157ead5a665eac855 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 63 | Size: 13319 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27278370 | Size: 101 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27487215 | Size: 225052 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_08142013_111605.txt >>
Run RogueKiller and click on the Delete button.
Then run ESET Online Scanner
On
Hold down Control and click on ESET Online Scanner to open ESET OnlineScan in a new window
Click the button
Check YES, I accept the Terms of Use.
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
° Scan potentially unwanted applications
° Scan for potentially unsafe applications
° Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.
On or
Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
Right click on choose on your desktop
Check YES, I accept the Terms of Use.
Click the Start button.
Accept any security warnings from your browser.
Under scan settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
° Scan potentially unwanted applications
° Scan for potentially unsafe applications
° Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.
Looks like there were 4 hits spotted. Should I just use the program to delete the things they have checked? Also, I scanned my other computer with this and got the following report. Should I delete these items as well?
RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : Forum
Website : RogueKiller download
Blog : tigzy-RK
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Gary [Admin rights]
Mode : Scan -- Date : 08/14/2013 11:21:19
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 3 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (hxxp=garys-new-iphone.local:6666;hxxps=garys-new-iphone.local:6666;socks=garys-new-iphone.local:5050) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST9500420AS +++++
--- User ---
[MBR] 3e563a017354c810f067962b52ab80a0
[BSP] a79ace6571998e1b25f4ddc737abb8af : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 463738 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 952195072 | Size: 12000 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] b0dc430206e212e42b7598045d4ffa22
[BSP] 4be90e0173eda5250ea297ac98ccbdf5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1200 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2459648 | Size: 463738 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 952195072 | Size: 12000 Mo
Finished : << RKreport[0]_S_08142013_112119.txt >>